Login

SUSE SLED12 / SLES12 Security Update : python3 (SUSE-SU-2018:2696-1)

Medium Nessus Plugin ID 117478

Synopsis

The remote SUSE host is missing one or more security updates.

Description

This update for python3 provides the following fixes :These security issues were fixed :CVE-2018-1061: Prevent catastrophic backtracking in thedifflib.IS_LINE_JUNK method. An attacker could have used this flaw tocause denial of service (bsc#1088004).CVE-2018-1060: Prevent catastrophic backtracking in pop3lib's apop()method. An attacker could have used this flaw to cause denial ofservice (bsc#1088009).The update package also includes non-security fixes. See advisory fordetails.Note that Tenable Network Security has extracted the precedingdescription block directly from the SUSE security advisory. Tenablehas attempted to automatically clean and format it as much as possiblewithout introducing additional issues.